ssh keys

I am in the process of trying to get the sensor separated
from the
server. So, here are a couple questions. 

I read README.sensors that says that I need to create an SSH
key pair
with an unprivileged user on the sensor side. What sort of
access does
this unprivileged user need on the sensor side? I take it he
needs to
run something or have some sort of access?!

Second question.

I am trying to build a sensor from scratch. I grabbed snort,
the
patches, and then I did a CVS checkout of the code. I do 
pythong setup.ph install 

for the ossim-agent. I assume that this is the sensor code,
but I guess
it is not.

[rootlocalhost snort]# ossim-agent 
This agent code is obsoleted, please refer to the 'agent'
tree or
download the agent-*.tgz package
If you want to use it nonetheless, comment these lines
inside
'ossim-agent'

Where do I get the agent/sensor code?

brian
-- 
Brian Lavender
http://www.brie.com/brian/


------------------------------------------------------------
-------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and
a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Os-sim-support mailing list
Os-sim-supportlists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-s
upport

Answers inline.

Am 03.08.2007 um 23:18 schrieb Brian Lavender:

> I am in the process of trying to get the sensor
separated from the
> server. So, here are a couple questions.
>
> I read README.sensors that says that I need to create
an SSH key pair
> with an unprivileged user on the sensor side. What sort
of access does
> this unprivileged user need on the sensor side? I take
it he needs to
> run something or have some sort of access?!

Sorry for that one, we started working on a distributed rule
editor  
years ago but discontinued in favour of other more important
things.

You've missed the first line in that file

"Status: Broken, don't use it (2004-06-14 DK)"


>
> Second question.
>
> I am trying to build a sensor from scratch. I grabbed
snort, the
> patches, and then I did a CVS checkout of the code. I
do
> pythong setup.ph install
>
> for the ossim-agent. I assume that this is the sensor
code, but I  
> guess
> it is not.
>
> [rootlocalhost snort]# ossim-agent
> This agent code is obsoleted, please refer to the
'agent' tree or
> download the agent-*.tgz package
> If you want to use it nonetheless, comment these lines
inside
> 'ossim-agent'
>
> Where do I get the agent/sensor code?

You have to do a checkout of the "agent" tree
instead of the "os-sim"  
tree.

Good luck 

Dominique

>
> brian
> -- 
> Brian Lavender
> http://www.brie.com/brian/

>
>
------------------------------------------------------------
---------- 
> ---
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? 
Stop.
> Now Search log events and configuration files using
AJAX and a  
> browser.
> Download your FREE copy of Splunk now >>  http://get.splunk.com/
> _______________________________________________
> Os-sim-support mailing list
> Os-sim-supportlists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/os-sim-s
upport


------------------------------------------------------------
-------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and
a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Os-sim-support mailing list
Os-sim-supportlists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-s
upport